Insights

ICO’s International Strategy: Helping protect UK public’s personal information in a global environment Last month the ICO published an International Strategy, designed to help it meet global data protection challenges. This includes GDPR, Brexit, changing technology, and increased globalism. The chief aim of the strategy is to strengthen privacy and protection for the UK public regardless of where risks are. Four main international concerns are highlighted: While the UK remains a member of the EU, to operate as an influential data protection authority at European level – as well as when the UK leaves, and during any period of transition. In an increasingly globalised world experiencing rapid growth of online technologies, to maximise the ICO’s delivery against its objectives and relevance. To ensure that UK data protection practice and law is used as a benchmark for the highest global standards. To address the uncertainty of legal protections when it

As of today there is still no movement on the ICO’s guidance, when it comes to naming the company we’re processing data for. Recital 42 states that the recipient “should” know the identity of the data controller (your client). The important word here is “should”, rather than “must”. We work very closely with the DMA to ensure we’re 100% compliant when it comes to GDPR. During a recent DMA web conference call, their Legal team suggested that the ICO may still loosen further their final version of guidance for GDPR; keeping it closer to the Data Protection Act’s current form. This means that businesses can opt in prospects to a “narrow band” of topics or subjects (such as Internet Security, or Financial Technology). Their details can then be rented out on a subscription basis. If the ICO changes that “should” to a “must”, you’ll be in need of a

By the end of this year, the ICO plans to provide guidance on the “legitimate interest” provisions of the GDPR. By legitimate interest we mean certain cases where organisations rely on claiming they have a legitimate interest in processing the data they collect: eg, when making live telephone calls or sending communications by post. The ICO says it will publish guidance to explain exactly when legitimate interest can be used to justify contacting someone or processing their data. In the meantime, let’s take a look at the difference between legitimate interest and consent – and how this works with invisible processing. Legitimate interest As An Option As a business, legitimate interest may well seem the better option for you, or at least for a good percentage of yoir own data. But there will be tests that you need to be able to fulfil, such as being specific about

According to Hubspot, 42% of B2B marketing professionals state that a lack of quality data is their biggest barrier when it comes to lead generation. Meanwhile, ZoomInfo says although 62% of businesses rely on prospect data – 40% of their objectives fail because of their data’s inaccuracy. It comes as no surprise then, that in order to achieve ROI from your customer and prospect data, keeping it clean is an absolute must. Improving the accuracy of your data enables you to deliver campaigns that are more targeted, and therefore more effective in terms of increasing lead generation. Your reputation is kept safe, since you won’t be contacting prospects who have asked you repeatedly and with increasingly less patience, to remove them from your mailing list. With GDPR on the horizon, you should also ensure your business practice is compliant when it comes to upholding your data subject’s privacy. For

As an ISO27001 accredited company, we’re already working to the highest possible standards when it comes to GDPR compliance. From May 25th 2018, you’ll need to ensure you’re encrypting data and upholding the privacy and integrity of the information you’re handling. In order to reduce risk and avoid hefty fines, you must start preparing now. Did you know that 26% of businesses are not on course to meet the changes that will be imposed by GDPR? We’ve prepared this infographic to walk you through the five essential, key obligations you need to abide by in order to stay compliant. It also explains the steps we can take to ensure your business takes accountability of your subject’s data privacy and upholds subject data rights: To prepare for GDPR and ensure you’ve taken all necessary steps to avoid a potential fine of 4% of your annual worldwide turnover, or

Purchasing data may seem like a quick and easy way to gain access to contacts who have opted in to receiving marketing. The reality is, if a shortcut seems too good to be true – most likely it is. By relying on purchased data you’re at risk of damaging your brand, losing customers and prospects, and wasting a whole lot of time and money in the process. Yet time and time again, we see marketers make the fundamental mistake of considering data a purely tactical element in their campaign activity. They use it merely as a support mechanism, losing sight of what marketing is – and should be – about. Acquiring lists that have been passed around a myriad of times, offer no competitive advantage, and lack any insight into segmentation beyond the rudimentary demographics still (shockingly) seems to be the the go-to option for many businesses. Let’s take

With the General Data Protection Regulation (GDPR) set to be implemented in the EU by May 2018, this is the final year for you to adapt and make the necessary changes. All organisations which handle personal data will need to comply with the requirements of the regulation, which has obligations around subject consent, data breach notification, and the processing and transfer of data. Still, despite the masses of information available surrounding GDPR and what it means, only last month research by the DMA reported that despite 93.6% of businesses believing that GDPR is applicable to their business – 62% have no plans in place to prepare for GDPR. With the potential of substantial fines of up to 4% of global revenue being imposed for non-compliance e.g. administrative failures and security breaches, your business needs to start preparing for the GDPR now. Additionally, GDPR has consequences in other respects. There

Welcome to the first in a two-part blog series focussed around data management. In this article we’ll be opening up the subject of GDPR, why it’s essential to comply, and how the importance of the human touch When it comes to gaining permission to market, the more opt-ins your database contains, the higher your conversion rate will be. It makes sense therefore that your focus should be on the quality of your data vs quantity. Using GDPR compliant processes means the size of your database might shrink – BUT from less contacts, you get a better return rate. Many of our clients approach us with the problem of having large quantities of badly qualified or unqualified data, which leads to a negative impact on their conversion rate. Complying with GDPR means tightening up on process when cleansing data, helping to maximise the quality of your contact information. The

If you think Brexit means you don’t have to worry about the GDPR, think again. The ICO (Information Commissioner’s Office) states that “The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.” With this in mind, and with less than 13 months to go before the GDPR goes live, what should you be doing to ensure you don’t get penalised for being non-compliant? Regulations are fast changing. According to the DMA, as many as a quarter (26%) of businesses are not on course to meet the fast-approaching GDPR changes, with B2B marketers being the least prepared. Mixed attitudes towards the GDPR signal that some UK businesses are already GDPR compliant; some are halfway – using the new framework as a baseline minimum; whilst others are choosing to keep their heads buried in the sand right up until the last minute.